Difference between revisions of "F5 Client vs Server Profiles"
Jump to navigation
Jump to search
(Created page with "https://community.f5.com/t5/technical-forum/ssl-server-vs-client-profile/td-p/45191 ``` you have to look at these from a big-ip point of view, like this: client side - [clie...") |
|||
| Line 12: | Line 12: | ||
unused certificates (so which aren't used in a client or server ssl profile) can be deleted if you are sure they aren't needed any more. on the other side, they don't really hurt you unless you got insane amounts. if they are used you can not delete them. | unused certificates (so which aren't used in a client or server ssl profile) can be deleted if you are sure they aren't needed any more. on the other side, they don't really hurt you unless you got insane amounts. if they are used you can not delete them. | ||
| − | + | ``` | |
Latest revision as of 00:01, 1 December 2023
https://community.f5.com/t5/technical-forum/ssl-server-vs-client-profile/td-p/45191
you have to look at these from a big-ip point of view, like this: client side - [client ssl profile ] - big-ip - [server ssl profile ] - server side the users (clients) are on the client side, their connection is handled by the client ssl profile the pool members (your actual (web) servers) are on the server side, their connection from the big-ip is handled by the server ssl profile. so where do certificates matter the most, that is the client side, so in the client ssl profile, that is the certificate that you will see in the browser (for https servers). unused certificates (so which aren't used in a client or server ssl profile) can be deleted if you are sure they aren't needed any more. on the other side, they don't really hurt you unless you got insane amounts. if they are used you can not delete them.